Wpa_supplicant P2P SSID Management Vulnerability (CVE-2015-1863)

Source: Internet
Author: User
Tags cve

Wpa_supplicant P2P SSID Management Vulnerability (CVE-2015-1863)
Wpa_supplicant P2P SSID Management Vulnerability (CVE-2015-1863)


Release date:
Updated on:

Affected Systems:

Android Android 5.x
Android Android 4.x
Android wpa_supplicant 1.0-2.4

Description:

CVE (CAN) ID: CVE-2015-1863

Wpa_supplicant is a Wi-Fi function component of Android and supports wireless connection authentication.

When wpa_supplicant v1.0-v2.4 uses the SSID information after management frame resolution, a buffer overflow vulnerability exists in implementation. Attackers send specially crafted management frames to the affected system to trigger the creation or update of P2P peer-to-peer device information, resulting in heap corruption, DOS, memory leakage, and arbitrary code execution. To exploit this vulnerability, you must enable the CONFIG_P2P build option.

<* Source: Alibaba security team

Link: http://seclists.org/oss-sec/2015/q2/242? Spm = 0.0.0.0.anLUMO
*>

Suggestion:

Temporary solution:

If you cannot install or upgrade the patch immediately, NSFOCUS recommends that you take the following measures to reduce the threat:

* Update wpa_supplicant v2.5 or later
* Disable P2P (in the wpa_supplicant configuration file, control the interface command "P2P_SET disabled 1" or "p2p_disabled = 1 ")
* Disable P2P from build (delete CONFIG_P2P = y)
* Merge the following submissions to wpa_supplicant and recreate them:
P2p: Verify the SSID element length before copying
Patch acquisition location: http://w1.fi/security/2015-1/

Vendor patch:

Android
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.openhandsetalliance.com/android_overview.html

This article permanently updates the link address:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.